mendix
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill directs users to install the
@membranehq/clipackage globally via npm. This is a legitimate tool provided by the author for managing integrations through the Membrane platform.- [COMMAND_EXECUTION]: The skill uses themembraneCLI to execute shell commands for authenticating with the platform, searching for connectors, and running Mendix actions. These commands are necessary for the functional operation of the integration.- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes data from the Mendix platform through commands likemembrane action runandmembrane request(SKILL.md). Boundary markers are absent in the instructions, and no specific sanitization steps are defined for handling external data. The skill maintains the capability to execute shell commands via themembraneCLI (SKILL.md).
Audit Metadata